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ABSTRACT 


Randomness is at the heart of today’s computing. There are two categorical methods to 
generate random numbers: pseudorandom number generation (PRNG) methods and true 
random number generation (TRNG) methods. While PRNGs operate orders of magnitude 
faster than TRNGs, the strength of PRNGs lies in their initial seed. TRNGs can function 
to generate such a seed. This thesis will focus on studying the feasibility of using the next 
generation Naval Postgraduate School Femto Satellite (NPSFS) as a TRNG. The hardware 
for the next generation will come from the Intel Quark D2000 along with its onboard 
BMC 150 6-axis eCompass. We simulated 3-dimensional motion to see if any raw data 
from the BMC 150 could be used as an entropy source for random number generation. We 
studied various "schemes" on how to select and output specific data bits to determine if 
more entropy and increased bitrate could be reached. Data collected in this thesis suggests 
that the BMC 150 contains certain bits that could be considered good sources of entropy. 
Various schemes further utilized these bits to yield a strong entropy source with higher 
bitrate. We propose the NPSFS be studied further to find other sources of entropy. We also 
propose a prototype be sent into space for experimental verification of these results. 
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Executive Summary 


Randomness is at the heart of today’s computing. There are two categorical methods to 
generate random numbers: pseudorandom number generation (PRNG) methods and true 
random number generation (TRNG) methods. While PRNGs operate orders of magnitude 
faster than TRNGs, the strength of PRNGs lies in their initial seed. TRNGs can function 
to generate such a seed. This thesis will focus on studying the feasibility of using the next 
generation Naval Postgraduate School Femto Satellite (NPSFS) as a TRNG. The hardware 
for the next generation will come from the Intel Quark D2000 along with its onboard 
BMC 150 6-axis eCompass. 

It was assumed that the NPSFS would be tumbling in space, so a special three-dimensional 
(3D) rig was designed to mimic this 3D motion. The prototype was flashed with partic¬ 
ular firmware that would send raw data along with metadata to a collection machine via 
Bluetooth. Thirteen samples of a million raw data entries each were collected while the 
prototype was in motion. Another thirteen samples of a million raw data entries were also 
collected with the rig not moving to see if there were any interesting properties inherent in 
the system. 

The collected raw data was analyzed to determine if any particular bits from the BMC 150 
exhibited good entropy. We studied various "schemes" on how to select and output specific 
data bits to determine if more entropy and bitrate could be reached. Each resulting bit 
stream was run through NIST STS suite of randomness tests along with Fourmilab’s ENT 
suite of tests. The bit streams were also compared against well-known PRNG bit streams 
as a control. The PRNGs used were BBS, EORTUNA, and Unix /dev/urandom. 

The results of this thesis suggest that the BMC 150 does in fact contain certain bits that 
could be considered good sources of entropy. Various schemes further utilized these bits to 
yield a strong entropy source with higher bitrate. 

We propose the NPSES be studied further to find other sources of entropy. We also propose 
a prototype be sent into space for experimental verification of these results. Additionally, 
communication methods and protocols, as well as possible uses should also be studied. 
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CHAPTER 1: 

Introduction 


Randomness is all around us. Humankind has been taking advantage of randomness since 
time immemorial. Its uses range from trivial decision making methods, like using a 
coin toss to determine what shirt to wear, to critical uses that safeguard national secrets 
and protect the lives of warriors around the globe. Without randomness, patterns in our 
communications would arise and give way to another person being able to read what we 
wished to keep secret. Without randomness, simulations would be repetitive and would not 
emulate the real world. Without randomness, “games of chance” would become “games 
of predictability,” and quite honestly, not much fun to play. It is the key to the “strength” 
of modern computing communications security and the unsung hero at the core of today’s 
computing. 

Though seeming to be an intuitive idea, putting your finger on the definition of randomness 
is not quite so easy. Over the years, many definitions have been given to what qualifies as 
randomness, but none seem to satisfy everyone. For the purposes of this paper, we will 
use the definition provided by Professor D. H. Lehmer in 1951. He informally defined 
randomness, or more specifically a random sequence where “each term is unpredictable to 
the uninitiated and whose digits pass a certain number of tests traditional with statisticians” 
[1]. Another definition in the realm of Computing and Information Theory proposed by 
Chaitin and Kolmogorov, states that “a series of numbers is random if the smallest algorithm 
capable of specifying it to a computer has about the same number of bits of information as 
the series itself’ [2]. 

We now need to define a term to denote the quality of “how good” something is at generating 
random numbers, a quantitative word to describe "how much" randomness a generator 
produces. The term we use for this is “entropy.” Defining entropy is as elusive as the 
definition of randomness. It has many meanings for different areas of science. For the 
purposes of this paper, we will define entropy as “the randomness collected by an operating 
system or application for use in cryptography or other uses that require random data. This 
randomness is often collected from hardware sources, either pre-existing ones such as 
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mouse movements or specially provided randomness generators” [3]. In order to provide 
a metric for these sources, we quantify and measure the entropy of certain sources by 
various statistical tests. Now that we have established what we understand what is meant 
by the terms "randomness" and "entropy", we will discuss the two main categories for 
the methods of generating random numbers: true random number generation (TRNG) and 
pseudorandom number generation (PRNG). 

True random number generation often involves sampling some phenomena in the natural 
world with the expectation that the outcome is unpredictable. Generating numbers in nature, 
though, assumes an axiom at some level that the outcomes of these phenomena cannot be 
predictable. For example, let us say that we use coin flipping as our generator. While we 
would assume it would be impossible to determine the result of a coin toss, determining 
the outcome of coin tossing is actually a physics problem that involves many variables. 
Nitipak Samsen from the Royal College of Art has made coin flipping devices that yield 
accurately predictable results [4]. One method that is used to generate random numbers 
uses atmospheric noise as an entropy source [5], while another well-known method is to use 
timing of emissions from a radioactive decaying isotopes [6]. Yet another more mundane 
source involves human-based input, such as computer mouse movement or keyboard typing 
timing [7]. 

All of these methods, however, have two main limitations: they cannot be reproduced and 
it takes a considerable amount of time to acquire a large amount of numbers. 

In order to take advantage of today’s computing speed, certain deterministic algorithms 
are implemented on computers to produce a seemingly random sequence, making them 
pseudorandom instead of truly random. A problem with this method is that these sequences 
will eventually repeat themselves, although modern algorithms are able to generate number 
sequences whose period is too long to be practically noticed. In order to be able to reproduce 
sequences, we start generating numbers based on the same initial conditions. This starting 
number is often called a “seed” or “initialization vector.” The ability to determine the 
sequence generated from any PRNG algorithm is directly related to the ability to determine 
the value of the seed. Therefore, the strength of the algorithm is based on the infeasibility 
of determining the actual value of the seed. In the case that a particular algorithm is created 
and exhibits enough randomness, that algorithm can be used for cryptographic purposes. 
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This particular subset of pseudorandom number generators fall into a speeial subelass ealled 
cryptographieally-secure pseudorandom number generators (CSPRNGs). 

The Naval Postgraduate School Foundation has sponsored researeh of the different uses of 
their sponsored Femto Satellite, with true random number generation being one of their 
interests. Our research will focus on the feasibility of using a Naval Postgraduate Sehool 
Femto Satellite (NPSFS), or more speeifieally, its onboard sensors, as a TRNG. 
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CHAPTER 2: 
Previous Work 


2.1 Random Number History 

It is important to survey previous efforts at true random number generation to get insight 
into how true random numbers are currently being generated. While there are a number 
of true random number generation setups in existence, we will focus on some of the more 
popular methods available to the public: radio frequency noise sampling, radioactive isotope 
emission timing, and computer hardware timing. 

2.1.1 Random.org 

In 1997, Dr. Mads Haahr set about to build an engine for online gambling. This would 
require a good random number source to avoid unfair gambling practices. While he 
eventually moved away from the gambling engine focus, his interest in random number 
generation continued. He would eventually set up a system to sample radio frequency noise 
as an entropy source. What has made his work of such value is that this setup is made 
available to the public by way of the website random.org [5]. 

2.1.2 Hotbits 

Another widely available source of truly random numbers was developed by John Walker, 
the founder of Autodesk, Inc., by way of his Hotbits program. This setup is based around 
the unpredictability of radioactive isotope emission timing as the source of entropy. A 
Geiger-Miiller detector tube is interfaced with a computer to detect the emissions in order 
to produce a random number. He also provides random numbers to the world via his 
website [6]. 

2.1.3 Computer Provided Randomness 

The importance of random numbers in computing has been known for decades, as noted by 
Knuth [8]. In 1994, a Linux kernel programmer, Theodore Ts’o, “wrote a driver for Linux, 
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which takes information about hard [difficult] to predict events like keyboard and mouse 
use, packet and disk drive timings, and so on, and used it to seed a cryptographically secure 
random number generator” [9]. Since Ts’o’s implementation, other modules have been 
implemented to address some of the algorithm’s weaknesses and limitations. However, 
the popularity and importance of this module has resulted in this module and its follow-on 
implementations to be integrated in most major operating systems [9]. 


2.2 Small Satellite Origins 

We now turn our attention to the historical milestones in the lead up to the NPSFS. We will 
discuss the origins of the KickSat project, the NPS Foundation involvement. 

2.2.1 KickSat 

Zachary Manchester, a graduate student in Aerospace Engineering at Cornell University [10] 
stood up a Kickstarter [11] campaign for KickSat (see Figure 2.1). The KickSat initiative 
was to design, build and deploy small, inexpensive, consumer-grade satellites. Because 
of their small size, they can be loaded into a launcher with a very small footprint. Once 
the launcher is loaded, the launcher is set into space, where the launcher ejects the small 
satellites into orbit (see Figure 2.3). Because of their low cost, many of these satellites could 
be made and deployed and be programmed for various uses. The result was an inexpensive 
satellite network that could be deployed on a minimal budget. 



Figure 2.1. KickSat. Source: [10]. 
Photo credit: Zachary Manchester 
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2.3 NPS Foundation Sponsorship 

The NPS Foundation decided to sponsor NPS research and further develop the idea of 
using Femto Satellites-size platforms for DoD purposes. This is the origin of the NPS 
Femto Satellite (NPSFS). Research began both on component selection for the generations 
of satellites as well as viable functions of individual satellites (see Figure 2.2). 

Some of the research areas are: using a satellite network for geolocation in a GPS denied 
environment, spreading them on the surface of the ocean to act as a relay between underwater 
and overhead communications assets, an ad-hoc communications network for on-demand 
communication needs. The research area that was chosen for this specific thesis is the 
ability to use the NPSFS as a True Random Number Generator. 



Figure 2.2. NPSFS. Source: [12]. 
Photo credit: Andy Filo 


Figure 2.3. NPSFS Launcher. Source: [12]. 
Photo credit: Ben Bishop 



2.4 NPSFS TRNG 

While some of the TRNGs mentioned require special equipment, these are only available to 
the immediate audience, or require access to an infrastructure. Our work will seek to be able 
to provide truly-random numbers amongst a satellite network cluster. We will study how 
good of an entropy sources would the specific sensor on the NPSFS be at producing random 
numbers, discuss various constraints and assumptions, explain our methodology, present 
the results of our studies, and finally wrap up discussing our outcome and recommend some 
other studies that would help further research in this topic. 
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CHAPTER 3: 
Study 


In order to study the ability of the NPSFS to generate truly-random numbers, we hrst decided 
what the future NPSFS components will be. Once they were identified, we determined which 
component we would use as an entropy source. We then programmed the device to output 
raw data. After that, we simulated the expected environment the NPSFS will be in. Once 
under simulated conditions, raw data from the device was gathered. Once gathered, the 
data was tested to see if we are able to extract random numbers from this data. We then 
analyzed our results. 

3.1 Hardware Selection 

The Electrical and Computer Engineering Department at NPS hosted a college internship 
program over the summer of 2016 [13]. These interns were led by NPS Professor Peter 
Ateshian. At the end of the summer program, the group had selected the Intel Quark 
processor as the planned processor for future NPSES outfitting. The Quark process was 
selected due to its extremely low power usage, reasonable speed, and ability to do certain 
mathematical calculations in few cycles. 

The development kit that was used for testing the Intel Quark processor was the Intel Quark 
D2000 development kit (see Eigure 3.1). The D2000 was designed with Arduino-compatible 
header layout for use with existing Arduino shields. The D2000 also came with a battery 
bay that would allow the D2000 to be powered with a coin-cell battery. Einally, the D2000 
came with a 6-axis eCompass, the Bosch BMC 150. This eCompass would provide 3-axis 
accelerometer and 3-axis magnetometer. This eCompass was also chosen as a component 
to be put on the future NPSES generations. 
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Figure 3.1. Intel Quark D2000. Source: [14]. 


3.2 Entropy Source Identification 

The NPSFS will be outfitted with a number of different eomponents that eould be potential 
sources of entropy for random number generation. Some of the possible candidates are 
as follows: unshielded memory subject to cosmic radiation that might flip bits, location 
and timing information; on-board radio transceiver sampling radio frequency noise, similar 
to Dr. Haahr’s experiment, but implemented on a Femto satellite in space; the on-board 
inertial measurement unit (IMU). An IMU provides data about the physical orientation and 
motion of the device. An IMU provides accelerometer data, measuring how the device is 
accelerating or decelerating in all three axes, as well as magnetometer data, which measures 
there the device is “pointing” relative to the earth’s magnetic field, like a normal compass 
except proving you with three dimensional orientation data. The Bosch BMC 150 was 
selected as the IMU that would used on the upcoming generations of NPSFS. Since it was 
already available on the D2000, we studied how to generate truly-random numbers with the 
D2000 and on-board BMC 150. 


3.3 Firmware Programming 

Once we agreed that the BMC 150 was the device that was to be studied, we needed to get the 
raw data from the device registers. The software Intel provided to program the D2000 was 
the Intel System Studio Microcontrollers. This suite came with example programs using 
the accelerometer and magnetometer to demonstrate interfacing and using the data from the 
BMC 150. Studying the datasheet for the BMC 150 [15], we found that the BMC 150 stores 
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its accelerometer data, magnetometer data, and temperature data in three different register 
banks in its internal memory. Preliminary studies showed that the temperature did not 
have sufficient resolution to experience minute temperature changes and was therefore not 
considered for this study. We investigated the particular register layouts of the accelerometer 
and magnetometer register banks to get a feel of what data we had at our disposal. 

3.3.1 Layout of BMC Registers 

As laid out in the BMC 150 data sheet, all three accelerometer registers are 12 bits long, 
followed by three empty bits, ending with a “new data” bit (see Figure 3.2). This “new 
data” bit is 1 if that particular register contains a fresh value that has not been “seen” by 
the D2000. Otherwise, a 0 would indicate that this register contains a “stale” value that 
has already been “seen” by the D2000 and not refreshed with a new value. For this reason, 
good raw register entries should be odd. If they were even, with the last bit would being a 
0, this would indicate a stale entry that has already been seen. 


Bit Positions 
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OxE 

OxD 

OxC 

OxB 

OxA 

0x9 

0x8 
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Bit 10 
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Figure 3.2. Layout of Accelerometer Registers 


The Magnetometer register in the Z direction is 15 bits long, followed by its “new data” 
bit (see Figure 3.3). The magnetometer in the X and Y directions are both 13 bits long, 
followed by two empty bits, and end with their respective “new data” bits. These “new data” 
bits behave like the “new data” bits in the accelerometer registers. 
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Figure 3.3. Layout of Magnetometer Registers 
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3.3.2 Programming the Firmware 

Once the layout of the partieular registers was determined, we set about writing the eode to 
be flashed onto the D2000. We tweaked the BMC 150 library code to allow aceess to the 
raw register data and wrote a small program that eombined the reading of the aceelerometer 
and magnetometer. This program outputs the raw data in hex format as a eomma-separated 
list having the three aeeelerometer axes data, the three magnetometer axes data on a single 
line out to the Universal Asynehronous Reeeiver/Transmitter (UART) serial interface on 
the board. 


3.4 Environment Simulation 

Once we understood how to output raw data over the serial interface, we needed to simulate 
the environment the deviee would be operating in. We did not know how the deviee would 
tumble in space. Based on this, we assumed that the deviee would be moving in a random 
three-dimensional (3D) motion. To simulate this, a speeial rig was designed and fabricated 
(see Figure 3.4). This rig was designed to spin in two axes, whieh would simulate motion 
in 3 axes. One controller was used to eontrol the speed of the motor that spun the U-shaped 
arm. The other eontroller was connected to a slip ring in the base to control the speed of 
the motor that would spin the D2000 enelosure along the spinning arm’s axis. To minimize 
cumbersome eonneetions, we deeided to use an HC-06 Bluetooth module to eommunicate 
the serial data from the D2000 to our eolleetion maehine. Instead of having another set of 
slip rings pass power to the deviee, we deeided to power the D2000 along with its Bluetooth 
deviee using inexpensive hobby LiPo batteries. This ehoice was made because a 1-eell LiPo 
provides the 3.3V needed for D2000 and Bluetooth to operate and weighs very little and 
minimizes the effect on the spinning motion. 
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Figure 3.4. 3D Motion Simulation Rig 


3.5 Data Gathering 

Once the device was paired with the eollection machine, we started to eolleet data to see 
if there were any idiosyncrasies in collecting the data. We collected one million samples 
while the device was stationary and one million samples while the device was moving. 
The amount of time it took to collected one million samples from the stationary setup was 
approximately 45 minutes, while the time it took to collect the one million samples from 
the moving setup was more than 2 hours. In order to determine if the delay was caused 
by loss of data or if the device was simply taking longer to transmit the data, we added an 
incrementing counter to act as a local serial number and a D2000 tiek eounter to the end of 
the raw data line broadcast by the D2000. A small program was eoded up to take the time 
stamp of when the particular data was received and pre-pended it to the received raw data 
[Appendix A], We also wanted to identify if Bluetooth was eausing problems, so we split the 
D2000 UART connection to output to both the Bluetooth module as well as a serial cable 
to the collection machine. One million samples were run and collected simultaneously. 
The result showed no excessive differences in the data collected from the Bluetooth and the 
direct serial cable, so we coneluded that the delay was caused by the deviee providing data 
a bit slower than antieipated whieh would not severely impaet our study. 
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CHAPTER 4: 
Methodology 


We now get to the task of understanding and working with a whole lot of data. We will 
first deseribe the amount and kinds of data we collected. We follow this by describing the 
anatomy of a raw data entry. Then, we will discuss the different ways we handled the raw 
data in order to extract numbers that prove to be random. We will then briefly discuss some 
pseudorandom number generated data as a control. We will then discuss the various tests 
that were selected in order to determine if these numbers are random or not. 


4.1 Data Sets 

Because we are testing a number generator that is constrained to the physical world, gener¬ 
ating these raw data sets took hours to produce one usable raw data set. In some instances, 
the rig was left to generate numbers, only to return and find that particular dataset to be 
faulty, due to the rig getting stuck. In the end, we were able to collect thirteen datasets with 
the rig in motion. Each dataset consisted of one million entries. We also were able to gather 
thirteen datasets with the rig not in motion. These data sets also consisted of one million 
entries each. 


4.2 Data Entry Description 

Each entry in these raw datasets has the same anatomy. The first entry is a timestamp 
placed by the collecting machine to track what time the particular entry was received. This 
timestamp is expressed as the number of milliseconds since January 1, 1970, 12:00 am. 
The timestamp is followed by a semicolon to mark the beginning of data received from the 
D2000. 

Unfortunately, the output function available to the D2000 from the programming suite only 
allows a limited subset of “printf ’ functionality [16]. In attempt to save space, all the values 
sent are in hexadecimal format and separated by a comma. Each register is 16-bits long, 
though the output might suggest more bits due to the two’s complement representation of 
negative values. The first six values output from the D2000 are, in order: accelerometer 
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X, accelerometer Y, aecelerometer Z, magnetometer X, magnetometer Y, magnetometer Z. 
After these values, the next value is the local serial number in hexadeeimal format. The 
final value output is the tick counter on the D2000 in hexadecimal format (see Figure 4.1). 


1486430626265;11,671,FFFFFAFl,FFFFFE68,FFFFE9C5,FFFFFD22,4170,41BA4F 


1 


Timestamp 


Accelerator X — 


Accelerator Y 


Accelerator Z 


A. 


Magnetometer X 


Magnetometer Y —• 


Magnetometer Z 


Serial Number 


Tick Counter 


Figure 4.1. Explanation of Raw Data Entry 


4.3 Schemes 

Now that we had a good number of raw datasets, our goal was to see if we ean use this raw 
data in some way to extraet random numbers from it. For the purposes of this paper, we 
used the term “scheme” to describe a speeifie way of eombining speeific bits in order to see 
if the resulting output from a particular scheme was random. We determined if they were 
random by running this output sequenee through a number of widely-used tests to determine 
if a particular bit sequence was random. For the remaining subseetions of this chapter, we 
introduce a partieular notation to help clarify what exactly we are referring to. The notation 
will eonsist of a letter A for an aceelerometer register bank or M for a magnetometer register 
bank. We follow that first eharaeter by the speeific axis in that register we are looking at: 
X for the X-axis, Y for the Y-axis, and Z for the Z-axis. We follow this with a hexadeeimal 
value refereneing the speeifie bit in that register on whieh we are focusing. For example, 
AYS is the aeeelerometer Y-axis register’s 0x5 bit; MZC is the magnetometer Z-axis OxC 
bit. For a visual reference, please refer to Figures 3.2 and 3.3. 
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4.3.1 Scheme 1 - Individual Bits 

This scheme is the most straight forward. We will foeus on a partieular bit in a partieular 
register. We will take that value in eaeh entry of the raw data and output them one after 
another. This will enable us to identify if any partieular bit is a good entropy source in and 
of itself. Here is the pseudocode and visual representation (Figure 4.2) of the Individual 
Bits seheme: 


Scheme 1 Algorithm 

1; 

procedure Scheme l(/iea<i, register, field) 


2: 

entry <— *head 

> Start at the beginning of the entry list 

3: 

while entry 4^ null do 

> While not the end of entry list 

4: 

output <— entry[register][bit] 

> Output speeifie bit 

5: 

entry <— entry .next 

> Get the next entry 


Entry Speeifie Register/Bit Output Sequence 

i 

1 

1 

i + 1 

0 

1 0 

/ + 2 

0 

10 0 

i + 3 

1 

10 0 1 


Figure 4.2. Individual Bits 


Things to note for upcoming schemes 

We will show in the next ehapter the results of this experiment, but we will move forward 
with the following knowledge. AX4 is the bit that seems to be the best entropy souree in the 
aeeelerometer X register. We will eall this bit the most random bit (MRB) in aeeelerometer 
X. AYS is the bit that seems to be the best entropy souree in the aeeelerometer Y register. We 
will eall this bit the MRB of aeeelerometer Y. AZ5 is the bit that seems to be the best entropy 
souree in the aeeelerometer Z register. We will call this bit the MRB of aeeelerometer Z. 
Sinee none of the magnetometer registers appear to be good entropy sourees, when we 
need a partieular bit to be used from the magnetometer registers, we will use the least 
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significant data bit (LSB) from each register. For magnetometer X, the LSB is MX3. For 
magnetometer Y, the LSB is MY3. For magnetometer Z, the LSB is MZl. In some future 
schemes, we will want to use other bits from the accelerometer registers in addition to the 
MRB. We selected AX5 to be the second most random bit (SMRB) in the accelerometer 
X register, AY6 as the SMRB in the accelerometer Y register, and AZ6 as the SMRB in 
the aecelerometer Z register. Armed with these bits, we can then use this information to 
configure the following sehemes. 


4.3.2 Scheme 2 - Accelerometer XAf/Z MRB Concatenation 

In this scheme, we will take the MRB from each of the three accelerometer registers and 
concatenate them before sending them as output. For clarifieation, we will be putting them 
in the following order: AX4, AYS, AZ5. Here is the pseudocode and visual representation 
(Figure 4.3) of the accelerometer X/Y/Z MRB Concatenation scheme: 


Scheme 2 Algorithm 

1 

procedure ScHEME2(/iea(i) 


2 

entry <— *head 

> Start at the beginning of the entry list 

3 

while entry 4^ null do 

> While not the end of entry list 

4 

output <— entry[Acc_X][MRB] 

> Output Acc_X MRB 

5 

output <— entry[Acc_X][MRB] 

> Output Acc_Y MRB 

6 

output <— entry[Acc_X][MRB] 

> Output Acc_Z MRB 

7 

entry <— entry.next 

> Get the next entry 


Entry Accel_X MRB Accel_Y MRB Accel_Z MRB Output Sequence 

i 

0 

1 


1 

0 


1 

1 

101 

i + 1 

1 

1 


0 

1 


1 

0 

... 101 110 

i + 2 ... 

1 

0 


0 

0 


0 

1 

101110 001 



Figure 4.3. Concatenating Accelerometer LSB 
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4.3.3 Scheme 3 - Accelerometer MRB Shrinking Using Magnetometer 
LSB Trigger 

For this scheme, we used a concept that was published in 1993 by Don Coppersmith, Hugo 
Krawezyk, and Yishay Mansour. [17] A short explanation of this scheme is the use of one 
pieee of data to determine if another pieee of data is output. For the purposes of this seheme, 
we will use a magnetometer axis LSB to trigger the corresponding axis’ aeeelerometer MRB 
to be output. If MX3 is a 1, AX4 will be output, but if MX3 is a 0, AX4 will not be output. 
Similarly if MY3 is a 1, AYS will be output, but if MY3 is a 0, AYS will not be output. 
Finally if MZl is a 1, AZS will be output, but if MZl is a 0, AZS will not be output. 
Here is the pseudocode and visual representation (Figure 4.4) of the accelerometer MRB 
Shrinking using magnetometer LSB Trigger seheme: 


Scheme 3 Algorithm 

1; procedure ScHEME3(/iea<i) 

2 : entry <— *head 

3: while entry null do 

4: if Mag_XLSB = 1 then 

5: output <— entryYAcc_X]{MRB\ 

6: if MagJYLSB = 1 then 

7: output entry[Acc_Y][MRB] 

8: if Mag_ZLSB = 1 then 

9: output <— entryYAcc_Z]YMRBl\ 

10 : entry <— entry.next 


> Start at the beginning of the entry list 
> While not the end of entry list 

> Output Aee_X MRB if Mag_X LSB 

> Output Aee_Y MRB if Mag_Y LSB 

> Output Aec_Z MRB if Mag_Z LSB 

> Get the next entry 


Entry Accel_X MRB Mag_X LSB Output Sequenee 

i 

0 

1 


1 

0 


i + 1 

1 

1 


0 

1 

1 

i + 2 ... 

1 

0 


0 

0 

1 

i + 3 

1 

0 


0 

1 

1 0 


Figure 4.4. Using Magnetometer LSB as Shrinking Trigger 
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4.3.4 Scheme 4 - Accelerometer MRB Shrinking Using Accelerometer 
SMRB Trigger 

This scheme is similar to Scheme 3 with the alteration that the trigger is no longer the 
LSB of a magnetometer LSB, but rather the second most random bit (SMRB) of the same 
accelerometer register. If AX5 is a 1, AX4 will be output, but if AX5 is a 0, AX4 will not 
be output. Similarly if AY6 is a 1, AYS will be output, but if AY6 is a 0, AYS will not 
be output. Finally, if AZ6 is a 1, AZS will be output, but if AZ6 is a 0, AZS will not be 
output. Here is the pseudocode and visual representation (Figure 4.5) of the accelerometer 
MRB Shrinking using aecelerometer SMRB Trigger seheme: 


Seheme 4 Algorithm 

1: procedure ScHEME4(/ieaJ) 

2: entry <— *head 

3: while entry 4^ null do 

4: if Acc_XSMRB = 1 then 

5: output <— entryYAcc_X]{MRB\ 

6: if Acc_YSMRB = 1 then 

7: output «— entry[Acc_Y][MRB] 

8: if Acc_ZSMRB = 1 then 

9: output «— entryYAcc_Z\YMRB^ 

10: entry <— entry .next 


> Start at the beginning of the entry list 
> While not the end of entry list 

> Output Acc_X MRB if Acc_X SMRB 

> Output Acc_Y MRB if Acc_Y SMRB 

> Output Acc_Z MRB if Aee_Z SMRB 

> Get the next entry 


Entry Accel_X SMRB / Accel_X MRB Output Sequence 

i 

0 

1 


i + 1 

1 

1 

1 

i + 2 

1 

0 

1 0 

/ H" 3 

0 

0 

1 0 

i + 4 

1 

0 

10 0 


Figure 4.5. Using Accelerometer SLSB as Shrinking Trigger 
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4.3.5 Scheme 5 - Accelerometer MRB Timed by Magnetometer 2xLSBs 

This scheme is somewhat a variation of the Shrinking Generator used in the previous two 
sehemes. In this seheme, we take a MRB from an aeeelerometer register, then take the 
value from the two LSBs from the eorresponding magnetometer register. The value of 
these bits will determine how many of the next entries will be skipped before this partieular 
aeeelerometer MRB will be taken again with the magnetometer two LSBs being taken again. 
The two LSBs for magnetometer X are MX3 and MX4. The two LSBs for magnetometer 
Y are MY3 and MY4. The two LSBs for magnetometer Z are MZl and MZ2. Here is 
the pseudoeode and visual representation (Figure 4.6) of the accelerometer MRB Timed by 
magnetometer 2xLSBs seheme: 


Scheme 5 Algorithm 


1 

2 

3 

4 

5 

6 

7 

8 
9 

10 

11 

12 

13 

14 

15 

16 

17 

18 
19 


procedure ScuE.mB5{head) 
entry *head 
timerX, timerY, timerZ 0 

while entry 4^ null do 
if timerX = 0 then 

output «— entry[Acc_X][MRB] 
timerX Mag_X2xLSB 

else 

timerX = timerX - 1 
if timerY = 0 then 

output «— entry[Acc_Y][MRB] 
timerY «— Mag_Y2xLSB 
timerY = timerY — 1 
if timerZ = 0 then 

output «— entry{Acc_Z^{MRB^ 
timerZ Mag_Z2xLSB 

else 

timerZ = timerZ — 1 
entry <— entry .next 


> Start at the beginning of the entry list 
> While not the end of entry list 

> Output Aee_X MRB if timerX is 0 

> timerX gets value from Mag_X 2xLSB 

> Deerement timerX 

> Output Aee_Y MRB if timerY is 0 

> timerY gets value from Mag_Y 2xLSB 

> Deerement timerY 

> Output Aee_Z MRB if timerZ is 0 

> timerZ gets value from Mag_Z 2xLSB 

> Decrement timerZ 

> Get the next entry 
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Entry Accel_X MRB Mag_X LSB Output Sequenee 

i 

0 

1 


1 

0 

1 

i + 1 

1 

1 


0 

1 

1 

/ + 2 

1 

0 


0 

0 

1 

/ + 3 

1 

0 


0 

1 

1 0 

i + 4 ... 

1 

1 


1 

1 

1 0 

i + 5 

0 

0 


0 

0 

10 0 

i + 6 

0 

1 


1 

1 

10 0 1 


Figure 4.6. Using Magnetometer LSBs as Sleep Timer 


4.3.6 Scheme 6 - Accelerometer MRB Timed by Accelerometer 2xSM- 
RBs 

This scheme is similar to the previous seheme with the exeeption that instead of using 
the two magnetometer LSBs. The two bits starting with aeeelerometer X SMRBs will be 
used. These two bits for aeeelerometer X are AX5 and AX6. The two bits starting with 
aeeelerometer Y SMRBs will be used. These two bits for aeeelerometer Y are AY6 and 
AY7. the two bits starting with aeeelerometer Z SMRBs will be used. These two bits 
for aeeelerometer Z are AZ6 and AZ7. Here is the pseudocode and visual representation 
(Figure 4.7) of the aeeelerometer MRB Timed by aeeelerometer 2xSMRBs seheme: 
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Scheme 6 Algorithm 
1: procedure ScHEME6(hea(i) 

2: entry <— *head > Start at the beginning of the entry list 

3: timerX, timerY, timerZ <— 0 

4: while entry 4^ null do > While not the end of entry list 

5; if timerX = 0 then 

6: output <— entry[Acc_X][MRB] > Output Acc_X MRB if timerX is 0 

7: timerX <— Acc_X2xSMRB > timerX gets value from Acc_X 2xSMRB 

8 : else 

9: timerX = timerX - 1 > Decrement timerX 

10; if timerY = 0 then 

11: output entry[AccJY^[MRB\ > Output Acc_Y MRB if timerY is 0 

12: timerY <— AccJYlxSMRB > timerY gets value from Acc_Y 2xSMRB 

13: else 

14; timerY = timerY - 1 > Decrement timerY 

15: if timerZ = 0 then 

16: output entry[Acc_Z][MRB] > Output Acc_Z MRB if timerZ is 0 

17: timerZ <— Acc_Z2xSMRB > timerZ gets value from Acc_Z 2xSMRB 

18: else 

19: timerZ = timerZ - 1 > Deerement timerZ 

20: entry <— entry .next > Get the next entry 


Entry Accel_X 2 SMRB Timer, Accel_X MRB Output Sequence 

i 

1 

0 

1 

1 

i + 1 

0 

1 

1 

1 

i + 2 

0 

0 

0 

1 

/ + 3 

0 

1 

0 

1 0 

i + 4 

1 

1 

1 

1 0 

i + 5 

0 

0 

0 

10 0 

i + 6 

1 

1 

1 

10 0 1 


Figure 4.7. Using Accelerometer SLSBs as Sleep Timer 
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4.3.7 Scheme 7 - Register Parity 

This scheme simply computes and takes the parity bit of each of the accelerometer and mag¬ 
netometer registers and outputs them. The order of output is as follows: accelerometer X 
parity, accelerometer Y parity, accelerometer Z parity, magnetometer X parity, magnetome¬ 
ter Y parity, and magnetometer Z parity. Here is the pseudocode and visual representation 
(Figure 4.8) of the Register Parity scheme: 

Seheme 7 Algorithm 

> Start at the beginning of the entry list 
> While not the end of entry list 

> Output Parity of entire Acc_X register 

> Output Parity of entire Acc_Y register 

> Output Parity of entire Acc_Z register 

> Output Parity of entire Mag_X register 

> Output Parity of entire Mag_Y register 

> Output Parity of entire Mag_Z register 
> Get the next entry 


Entry 

Register 

Parity Bit Output Sequence 

i 

i + 1 

i + 2 

i + 3 

i + 4 

i + 5 

0 

0 

0 

0 

1 

0 

1 

0 



0 


0 

0 1 

0 10 

0 10 1 

0 10 10 

0 10 10 1 

1 

0 

0 

1 

1 

0 

0 

0 


1 


0 

1 

1 

0 

0 

1 

1 

0 


0 


1 

1 

1 

0 

1 

1 

0 

0 


1 


1 

0 

1 

0 

0 

0 

0 

0 


0 


1 

1 

1 

1 

1 

1 

0 

1 


1 








Figure 4.8. Using Parity Bits Of Each Data Source 


1: procedure ScHEME7(/rea<i) 

2 : entry <— *head 

3: while entry 4^ null do 

4: output <— parity{entry[Acc_X]) 

5: output <— parity{entry[Acc_Y]) 

6 : output <— parity{entry[Acc_Z]) 

1: output <— parity{entry[Mag_X]) 

8 : output <— parity{entry[Mag_Y]) 

9; output <— parity{entry[Mag_Z]) 

10 ; entry <— entry.next 


4.4 Control Sets 

In order to see how these bitstreams compare widely-used random number generators, we 
selected a few PRNGs to test against. We selected the Blum-Blum-Shub (BBS) PRNG 
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as our first control. The second PRNG we selected was the FORTUNA PRNG. The 
third PRNG used was the “/dev/urandom” device on the collection machine. For each 
PRNG, 13 samples of one million hits were collected and run through the same tests 
as our project data. The code used to generate the BBS datasets was downloaded from 
https://github.com/graffitiplum/gmphhs. The code used to generate the FORTUNA datasets 
was downloaded from http://www.seehuhn.de/pages/fortuna and modified slightly. 


4.5 Testing 

While there are a number of test suites that are used for testing whether a sequence is 
random or not, we decided to use two test suites in order to determine if our bit sequences 
were random. These test suites are: the NIST STS and Fourmilabs’ ENT test suite. 

4.5.1 NIST STS Tests 

The U.S. National Institute of Standards and Technology (NIST) Statistical Test Suite (STS) 
is widely used as a test suite to determine whether a particular bit sequence is random. Some 
great work was already been done [18], [19] in explaining, comparing, and contrasting the 
different STS tests. The current version of STS runs fifteen different tests on a provided 
data stream and returns a common measure to use for evaluation, a p-value. 

Evaluation Criteria 

For this research, as suggested by NIST, we decided to set the threshold for any test to be 
a p-value of .01. If any tests return a value less than .01, we considered that particular bit 
sequence to have not passed that test. There are a few reasons particular tests are not passed. 
In some cases, that sequence simply fails to pass the threshold. Another reason a test might 
not be passed is that it did not apply to that bit sequence, since certain criteria are not being 
met for when the test was conducted. An example of such a test is the Random Excursion 
test that will not return successfully if the bit sequence is not long enough. When a test fails 
to pass, the STS returns a value of zero. Another fact to note is that there are some tests 
that return multiple p-values. In those cases, the arithmetic mean of those p-values is taken 
and reported in our results. 
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4.5.2 Fourmilabs’ ENT Suite 

Fourmilab in Switzerland has a test suite that eonduets five tests. They are: Entropy Test, 
Chi-squared Test, Mean Test, Monte-Carlo Pi Estimation Test, and Serial Correlation Test. 
Deseriptions of these tests are doeumented on the Fourmilab Doeumentation page for this 
test suite [20]. This test suite brings a eollection of tests from different disciplines to 
determine randomness. 

Evaluation Criteria 

Unlike the NIST STS, each test in the ENT suite has a unique metric. In order for a particular 
bit stream to be considered a success, each test must fall within a certain range. 

Entropy Test The Entropy test returns how much information per bit there is. Eor this test 
to be considered a success, the value must be greater than .995. We note that the maximum 
amount of information a bit can contain is 1 bit per bit, so 1.00 is the upper end of our test. 

Chi-Squared Test The Chi-Squared test returns the Chi-squared value of the particular 
sequence. Eor this test to be considered a success, the value must be less than 127. 

Mean Test The Mean test returns the ratio of I’s divided by the total amount of bits. This 
is similar to NIST’s Monobit Frequency test. For this test to be considered a success, the 
value must be within .005 of .500. More specifically, the value must fall between .495 and 
.505. 

Monte-Carlo Value of Pi Test The Monte-Carlo Value of Pi test returns an approximation 
of Pi. For this test to be considered a success, the value must be within .02 of Pi. More 
specifically, the value must fall between approximately 3.121 and 3.161. 

Serial Correlation Test The Serial Correlation test returns a value denoting how related 
one bit is to the previous bit. This value ranges between -1 and 1. For this test to be 
considered a success, the value must be within .003 of 0. More specifically, the value must 
fall between -.003 and .003. 
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CHAPTER 5: 
Results 


We will now discuss the results of running our various bit streams through the NIST STS 
tests and Fourmilab ENT Suite tests. As we will discuss the numerical test results of 
random numbers being run through statistical tests, it is an understatement to say we will 
come across a few numbers. In an effort to present the results in a more communicable 
manner, we will be using various graphs to represent the summary results as well as the 
detailed results. 


5.1 Interpretation of Results 

Overview Results for Scheme 1 

The overview of Scheme 1 results is in the form of a grid. This overview graph is summary 
of Scheme 1 results run through the STS tests. The vertical axis shows the different states 
(moving and static), subdivided into their accelerometer and magnetometer axis registers. 
The horizontal axis is the bit position in each of the registers. This format was chosen to 
be able to survey all the registers against a similar metric, the p-value from the different 
STS tests. Passing and failing regions are colored in green and red respectively. For further 
differentiation between the moving and static data sets, successful moving data values are 
colored solid green and successful static data values are colored solid blue. Results that fail 
to pass a test, in both moving and static, are colored red. 

Summary Results 

The summary graphs are in a quadrant format. The top row is the summary of the moving 
data set and the bottom row is the summary of the static data set. Each row is separated into 
two sections, the left being the results of the STS test, using the same metric of p-value, and 
the right being the hve different ENT Suite tests. 
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Detailed Results 

In all the detailed graphs, the graph regions are eolored in green and red to denote whether 
a partieular result passed or not. We deeided to denote a single result. The more the data 
overlaps, the darker the eolor would be. The left-most eolumn will show the results of the 13 
samples of eaeh PRNG as a control. The blue points represent the Blum-Blum-Shub data 
streams. The green points represent the /dev/urandom bit streams. The red points represent 
the FORTUNA data streams. For the remaining columns, each bit has two different data 
sets, the left purple points denote the data set when the D2000 was moving and the right 
yellow points which denote the data set when the D2000 was static. 

5.2 Scheme 1 Results 

The results of Scheme 1, Figure 5.1, show that when moving, the AX4, AYS, and AZ5 
exhibit good entropy in and of themselves. Other bits that show decent randomness are 
AX5, AX6, AY4, AY6, AY7, AZ4, and AZ6. We note that these honorable mentions either 
pass all the tests but not as well as AX4, AYS, and AZ6, or they fail only a few tests. The 
magnetometer bits while moving do not seem to exhibit all that much entropy. For this 
reason, we selected AX4, AYS, and AZS to be the most random bits (MRB) and used these 
specific bits in the schemes that follow. The static data set does not show any particular 
bit to be a good entropy source. However, AX4, AY4, and AZ4 do show some anomalous 
behavior that would be interesting for a future study. 
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Figure 5.1. Scheme 1 Overview Results 


5.3 Scheme 2 Results 

The results for Seheme 2, Figures 5.2 and 5.3, demonstrate that this seheme would be 
an ideal eandidate for produeing random numbers when moving. Every test is passed 
handily. Not only would this produee sufficiently random numbers, but because it is the 
concatenation of already random bits, the speed of this bit stream is three times as fast. 
The static scenario, however, does not exhibit properties that make it a good candidate for 
random number generation, as expected. 
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Figure 5.2. Scheme 2 Summary Results 
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Figure 5.3. Scheme 2 Detailed Results 
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5.4 Scheme 3 Results 

The results for Seheme 3, Figures 5.4 and 5.5, demonstrate for the most part that this 
seheme would be a deeent eandidate for produeing random numbers when moving. It does, 
however, fail to pass the STS Random Exeursion tests. This is not of too mueh concern as 
the STS Random Excursion tests fails frequently [21]. Because we are using multiple bits 
in this scheme, the amount of bits output is about 1.5 times as fast. This indicates that using 
a trigger lacking good entropy, in this case the magnetometer LSBs as triggers, does not 
seem to affect the randomness of the output. The static scenario for Scheme 3, interestingly, 
seems to pass a number of tests, though not enough to make this scheme a good source of 
entropy while static. 
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Figure 5.4. Scheme 3 Summary Results 
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Figure 5.5. Scheme 3 Detailed Results 
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5.5 Scheme 4 Results 

The results for Scheme 4, Figures 5.6 and 5.7, show that while the moving scenario data 
sets pass a few tests, not enough tests are passed in order for us to confidently use this as a 
random number generator. An interesting takeaway from this test is that using sufficiently 
random bits as a trigger, in this case the accelerometer SMRBs, did in fact have an impact 
on the randomness of the output. The static scenario data sets pass very few tests, making 
this scheme unfeasible for the static data set. 
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Figure 5.6. Scheme 4 Summary Results 
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Figure 5.7. Scheme 4 Detailed Results 
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STATIC MOVING 


5.6 Scheme 5 Results 

The results for Seheme 5, Figures 5.8 and 5.9, show that using the magnetometer LSBs as 
a timer does not affeet the randomness of the ehosen bits very mueh. This seheme would 
be a good eandidate when using the moving seheme data sets. Unfortunately, this scheme 
seems to slow down the bit stream by approximately 5%. 
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Figure 5.8. Scheme 5 Summary Results 
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Figure 5.9. Scheme 5 Detailed Results 


37 




































5.7 Scheme 6 Results 

The results for Seheme 6, Figures 5.10 and 5.11, show that using the aeeelerometer SMRBs 
as a timer does have an affeet on the randomness of the ehosen bits. A few of the tests, 
namely the Bloek Frequeney and FFT tests in the STS suite, pass, but are below the p-value 
threshold of .1, making them a bit questionable. The statie scenario data sets, again, do not 
demonstrate good properties as a random number generator. 
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Figure 5.10. 


Scheme 6 Summary Results 
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Figure 5.11. Scheme 6 Detailed Results 
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STATIC MOVING 


5.8 Scheme 7 Results 

The results for Seheme 7, Figures 5.12 and 5.13, show that using the parity bits of the 
registers is not a good generation scheme for both the moving and static scenario data sets. 
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Figure 5.12. 


Scheme 7 Summary Results 
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Figure 5.13. Scheme 7 Detailed Results 


41 
































THIS PAGE INTENTIONALLY LEET BLANK 


42 



CHAPTER 6: 
Conclusion 


In conclusion, the viability of generating true-random numbers from the BMC 150 whieh 
will be installed on future generations of NPSFS has been demonstrated. There is confidence 
that further studies would be able to integrate further sources of entropy and implement 
methods to optimize the sensor input to maximize randomness. 

6.1 Findings 

We identified speeific bits in the BMC 150 eCompass that ean be used as sources of entropy 
in and of themselves. We also showed that certain schemes ean be used to inerease the bit 
stream speed. The schemes that showed promise are: the eoneatenation of the identified 
bits. 


6.2 Future Works 

This project can lead to further studies in four different areas: what the random numbers 
that are produced can be used for, what protocols can be used or designed to transmit these 
random numbers, what other environments are available to use the device, and what other 
sensors can be used as an entropy source. 

6.2.1 Uses for Generated Numbers 

Regarding the various uses of these random numbers generated on the NPSFS, one use ease 
it to generate a unique key for the on-board CDMA radio. Another use case would be to 
broadeast these numbers to other NPSFS in the constellation for use in their eomputations 
or key generation. Yet another idea would be to take a page from the GPS satellite playbook 
and broadcast random numbers down to earth for “the benefit of humanity,” streaming 
continuous random numbers to anyone with a low cost receiver. 
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6.2.2 Protocols 

We see two different categorical methods for using numbers generated by our TRNG. The 
brst is to use a certain number of bits produced as a seed or one-time-used number, or 
“nonce”. In order to do so, one may just collect a certain amount of data without regard 
to any metadata regarding the data transmission. The second idea would be to have two 
or more parties establish an a priori time to collect data. In order to communicate these 
random numbers, various protocols should be studied to determine which method provides 
the optimal properties when considering transmission speed and data integrity. Another 
case to consider would be how to describe when one starts and stops collection. This way, 
people may be able to record and reference specihc bit streams to facilitate “sharing” of 
these random numbers. 

6.2.3 Other Environments 

Though this study focused on the scenario of the NPSFS operating in free space, further 
studies could be conducted on how the NPSFS could operate as a TRNG in high altitude, 
on the surface of the ocean, or even hanging from a stationary object. 

6.2.4 Other Sensors to Use as Entropy Sources 

Regarding the different sensors that could be tested for randomness on-board the NPSFS, 
some ideas include: using unshielded memory to determine if any bits are flipped due to 
cosmic radiation; using radio frequency noise from an on-board radio receiver; and possibly 
using an on-board camera to obtain images and use the image as a source of randomness. 
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APPENDIX A: 
Rig 


A.l Rig Components 

The rig used was made with the following pieees: 

• 3D Printer: Sunhokey Prusa i3 

• Filament Material: HATCHBOX 3D, PLA 1.75mm, Black 

• Motors: Upgrade Industries DC 12V 200RPM Mini Metal Gear Motor 

• Motor eontrollers: RioRand^'^ Upgraded 6V-90V 15A DC Motor Controller 

• Bluetooth module: KEDSUM Arduino HC-06 Serial Bluetooth Module 

• LiPo battery: Morpilot 3.7V 720mAh 20C Lipo Battery 


A.2 Rig Anatomy 

Spinning Arm Controller 
Spinning Enelosure Controller 
Spinning Arm 

(7) Spinning Enelosure Motor 
Enelosure 
LiPo battery 

HC-06 Bluetooth module 
Intel Quark D2000 
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Figure A.l. 3D Motion Simulation Rig 
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APPENDIX B; 
Supplemental Material 


The following is a description of the data provided as supplemental material to this thesis. 
For access to this supplemental data, please contact the Naval Postgraduate School library. 

CAD Files for the 3D Simulation Rig. These are the various 3D files used to produce the 
3D simulation rig. The files were created with FreeCAD, an open-source parametric 3D 
CAD modeler. 

Raw Data Collected and Used in Thesis. These are the raw data samples collected and 
analyzed during the thesis research. Additionally included is the code that was used to 
produce the BBS and FORTUNA PRNG data used as a control. 

Results. These are the results of the experimentation done during this thesis research. 

Firmware for Intel Quark D2000. This is the modified library code and firmware flashed 
onto the Intel Quark D2000 to generate the raw data used. The version of Intel System 
Studio for Microcontroller used was 3.0.0.20160726 on an ASUS UX501J laptop running 
Ubuntu 14.04 LTS. 

Various Graphics. These are various graphics used in the thesis. 

Thesis Presentations. These are the results presentation and NPS Applied Math department 
presentation. The results presentation was presented after completing the data analysis to 
Professors Dinolt and Stanica. The final presentation given to the NPS Applied Math 
department upon completion of the thesis. 

Tools. These are various software tools used throughoutt the thesis experimentation. 
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